Path Traversal Vulnerability in Atlassian Fisheye and Crucible on Windows

CVE-2017-9511 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The MultiPathResource class in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to read arbitrary files via a path traversal vulnerability when Fisheye or Crucible is running on the Microsoft Windows operating system.

Learn more about our Web Application Penetration Testing UK.